RE: Cipe and dialup...|
"Mark Smith" <mark.smith,AT,avcosystems,DOT,co,DOT,uk>|
Fri, 27 Sep 2002 17:09:20 +0200|
> ?! I suppose that when a cipe dynamic peer comes up, and say to static
> peer ``hi, i'm X.Y.Z.W:P'', the static one keep talking to X.Y.Z.W:P
> until some other greeting arrived.
That's my understanding of it, yes.
> If i've understood well, when the static peer expire the key, they
> doesn't even try to contact dynamic peer, so link cant work. Right?!
The static end does attempt to contact the dynamic, which may have
disconnected by then. I'm not aware if there's an option to let it cope
with this, I'd imagine there's a way - anyone else know the details?
> i've forgot to say that the local have
> static ip, and the rmote has dynamic ip... so this complicate the
> things... i've just put in ip-up some pings to (static) peers to force
> a key exchange but i cannot do this without keep the connection up...
This makes a little more sense. You only need to perform a single ping from
the dynamic end to the static end's real ip address - a real ping, not a
cipe one - in the ip-up script. That shouldn't keep the link up, but will
inform the static end what the remote's IP address is. Do you use the
'dynip' option in the dynamic end's cipe options?
It may be better to use the ip-up and ip-down scripts to start and stop the
cipe tunnel. This has the benefit of restarting the tunnel when the ppp
link comes up, which would then send traffic and negotiate a key
automatically. No timeouts would be involved with key negotiation, but this
may only work depending on your specific routing configuration - if you rely
on the tunnel being there to establish the autodial, you'll have to check
that this still works with the tunnel not there when the connection is down.
Mark Smith - Avco Systems Ltd
Tel: +44 (0)1784 430996 Fax: +44 (0)1784 431078